Nazca: Detecting Malware Distribution in Large-Scale Networks

Author(s): Luca Invernizzi, Stanislav Miskovic, Ruben Torres, Christopher Kruegel, Sabyasachi Saha, Giovanni Vigna, Sung-Ju Lee, Marco Mellia

Download: Paper (PDF)

Date: 22 Feb 2014

Document Type: Briefing Papers

Additional Documents: Slides

Associated Event: NDSS Symposium 2014

Abstract:

In this paper, we look at the collective network traffic produced by thousands of clients, and we detect malware downloads without analyzing the downloaded programs. Instead, we study patterns that become apparent only when leaving the myopic view of individual downloads, by observing malware distribution infrastructures as sophisticated and blacklist-resilient content distribution networks.